[asterisk-bugs] [JIRA] (ASTERISK-23254) Bad ao2_find() usage in pjsip_options.c

Matt Jordan (JIRA) noreply at issues.asterisk.org
Fri Mar 28 14:00:56 CDT 2014 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-23254?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Matt Jordan updated ASTERISK-23254:
-----------------------------------

    Target Release Version/s: 12.2.0

> Bad ao2_find() usage in pjsip_options.c
> ---------------------------------------
>
>                 Key: ASTERISK-23254
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-23254
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip
>    Affects Versions: 12.0.0
>            Reporter: Richard Mudgett
>            Assignee: Richard Mudgett
>      Target Release: 12.2.0
>
>         Attachments: jira_asterisk_23254_v12.patch, jira_asterisk_23254_v12_v2.patch, jira_asterisk_23254_v12_v3.patch, jira_asterisk_23254_v12_v4.patch
>
>
> In the res/res_pjsip/pjsip_options.c:on_endpoint() function the ao2_find is useless because it will never match anything.
> {code}
> if (ao2_find(contacts, arg, OBJ_NODATA | OBJ_POINTER)) {
> 	return CMP_MATCH;
> }
> {code}
> As a result pjsip_options.c:find_endpoints() will never return any matching endpoints and the pjsip_options.c:qualify_contact() will not have an endpoint to qualify.
> pjsip_options.c:qualify_contact() needs to check if it actually finds an endpoint before sending the qualify.  If it cannot find an endpoint it needs to generate an ERROR message and return.  A crash is likely if an endpoint is not found and the qualify message is challenged for authentication.  Alternatively, a configured default endpoint could be used as a final fallback before failing.
> {code}
> if (!endpoint_local) {
> 	struct ao2_iterator *endpoint_iterator = find_endpoints(contact);
> 	/* try to find endpoints that are associated with the contact */
> 	if (endpoint_iterator) {
> 		/* find "first" endpoint in order to authenticate - actually any
> 		   endpoint should do that matched on the contact */
> 		endpoint_local = ao2_iterator_next(endpoint_iterator);
> 		ao2_iterator_destroy(endpoint_iterator);
> 	}
> }
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list